nessus 2.0.10a with original plugins
target:8080 running WWWOFFLE/2.8a (caching http proxy)
% nasl -t target lotus_path_disclosure.nasl
HTTP/1.1 503 WWWOFFLE Remote Host Error
Success
I'm not sure what the Domino server positive test result would look
like but my incompetent *guess* is that the egrep ...
if(egrep(pattern:"[A-Z]:.*com5\.pl", string:r, icase:TRUE))
security_warning(port);
should be (at least) icase:FALSE (?)
Or ... AND NOT egrep("http://.*com5\.pl",string:r_matched,...) ?
% curl -si http://target:8080/cgi-bin/com5.pl|egrep -i "[A-Z]:.*com5\.pl"
url = The URL that was asked for (='http://target:8080/cgi-bin/com5.pl').
<b><tt>http://target:8080/cgi-bin/com5.pl</tt></b>
--
Martin Mačok http://underground.cz/
martin.macok@underground.cz http://Xtrmntr.org/ORBman/
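
The false positive reported above, reproduced offline as an added example (not part of the original message and not the plugin's own code). Only the WWWOFFLE line is taken from the post; the other two sample bodies and `drive_path_check` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: sample bodies are constructed, not captured from real servers.
LC_ALL=C; export LC_ALL

# The line WWWOFFLE echoed back in the post (URL only, no filesystem path).
PROXY_BODY='<b><tt>http://target:8080/cgi-bin/com5.pl</tt></b>'
# Constructed: the same echo with an upper-case host name.
UPPER_HOST_BODY='<b><tt>http://TARGET:8080/cgi-bin/com5.pl</tt></b>'
# Constructed, hypothetical shape of a real disclosure (the post shows none).
PATH_BODY='Cannot open file D:\Lotus\Domino\cgi-bin\com5.pl'

# Pattern as quoted from the plugin: with icase, the "p:" of "http:" is [A-Z]:
plugin_check() { printf '%s\n' "$1" | grep -Eiq '[A-Z]:.*com5\.pl'; }

# First suggestion in the post: same pattern, case-sensitive.
case_sensitive_check() { printf '%s\n' "$1" | grep -Eq '[A-Z]:.*com5\.pl'; }

# Assumed stricter form (hypothetical, not from the post or plugin): a drive
# letter that is not the tail of a longer word, followed by a path separator.
drive_path_check() {
  printf '%s\n' "$1" | grep -Eq '(^|[^A-Za-z])[A-Za-z]:[\\/].*com5\.pl'
}

# Print one verdict line per check for the given labelled body.
report() {
  for check in plugin_check case_sensitive_check drive_path_check; do
    if "$check" "$2"; then verdict=FLAG; else verdict=clean; fi
    printf '%-11s %-21s %s\n' "$1" "$check" "$verdict"
  done
}

report proxy "$PROXY_BODY"
report upper-host "$UPPER_HOST_BODY"
report path "$PATH_BODY"
```

The case-sensitive variant clears the WWWOFFLE echo but still flags the upper-case host name, because `T:8080` satisfies `[A-Z]:`.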